Skip to main content
IBM  
Shop Support Downloads
IBM Home Products Consulting Industries News About IBM
IBM developerWorks : Linux : Education - Tutorials
LPI certification 102 exam prep, Part 4
ZIPPDF (letter)PDF (A4)e-mail
Main menuSection menuFeedbackPrevious
Next Section
3. NFS
  


Securing NFS page 5 of 5


It's important to mention that NFS version 2 and 3 have some very clear security limitations. They were designed to be used in a specific environment -- a secure, trusted LAN. In particular, NFS 2 and 3 were designed to be used on a LAN where "root" access to the machine is only allowed by administrators. Due to the design of NFS 2 and NFS 3, if a malicious user has "root" access to a machine on your LAN, he or she will be capable of bypassing NFS security and very likely be able to access or even modify files on the NFS server that he or she wouldn't normally be able to otherwise. For this reason, NFS should not be deployed casually. If you're going to use NFS on your LAN, great -- but set up a firewall first. Make sure that people outside your LAN won't be able to access your NFS server. Then, make sure that your internal LAN is relatively secure, and that you are fully aware of all the hosts participating in your LAN. Once your LAN's security has been thoroughly reviewed and (if necessary) improved, you're ready to safely use NFS (see Part 7 of this tutorial series for more on this).


Next Section
Main menuSection menuFeedbackPrevious
Privacy Legal Contact